circlecloud/tmux
1
0
Fork 0
mirror of https://github.com/tmux/tmux.git synced 2026-05-31 14:46:17 +00:00
Code Issues Projects Releases Wiki Activity

Tighten up read-only checks on attach-session, detach-client and

Browse Source 
switch-client so that a user should be able to only detach their own
client. Reported by John Walker.
This commit is contained in:
nicm
2026-05-22 15:22:43 +00:00
parent d45a9cad8c
commit 143a177055
3 changed files with 28 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd-detach-client.c
View File

@@ -59,6 +59,7 @@ cmd_detach_client_exec(struct cmd *self, struct cmdq_item *item)
{
struct args *args = cmd_get_args(self);
struct cmd_find_state *source = cmdq_get_source(item);
struct client *c = cmdq_get_client(item);
struct client *tc = cmdq_get_target_client(item), *loop;
struct session *s;
enum msgtype msgtype;
@@ -69,6 +70,13 @@ cmd_detach_client_exec(struct cmd *self, struct cmdq_item *item)
return (CMD_RETURN_NORMAL);
}
if (c->flags & CLIENT_READONLY) {
if (args_has(args, 's') || args_has(args, 'a') || c != tc) {
cmdq_error(item, "client is read-only");
return (CMD_RETURN_ERROR);
}
}
if (args_has(args, 'P'))
msgtype = MSG_DETACHKILL;
else